~launchpad-pqm/launchpad/devel

« back to all changes in this revision

Viewing changes to lib/lp/archiveuploader/uploadpolicy.py

Committer: Julian Edwards
Date: 2010-08-26 15:28:34 UTC
mfrom: (11450 launchpad)
mto: This revision was merged to the branch mainline in revision 11453.
Revision ID: julian.edwards@canonical.com-20100826152834-p16tp6o6v2qg3hgu

merge devel

files added:
lib/lp/archiveuploader/tests/test_uploadpolicy.py

lib/lp/bugs/browser/tests/test_bugtracker_views.py

lib/lp/bugs/stories/bugtracker/xx-reschedule-all-watches.txt

files removed:
lib/lp/archiveuploader/tests/nascentupload-security-uploads.txt

files renamed:
lib/lp/archiveuploader/tests/test_securityuploads.py => lib/lp/archiveuploader/tests/test_securityuploads.py.THIS

files modified:
lib/canonical/launchpad/security.py

lib/devscripts/ec2test/entrypoint.py

lib/lp/archiveuploader/nascentupload.py

lib/lp/archiveuploader/tests/__init__.py

lib/lp/archiveuploader/tests/nascentupload-announcements.txt

lib/lp/archiveuploader/tests/nascentupload.txt

lib/lp/archiveuploader/tests/nascentuploadfile.txt

lib/lp/archiveuploader/tests/test_buildduploads.py

lib/lp/archiveuploader/tests/test_nascentupload_documentation.py

lib/lp/archiveuploader/tests/test_ppauploadprocessor.py

lib/lp/archiveuploader/uploadpolicy.py

lib/lp/bugs/browser/bugtracker.py

lib/lp/bugs/configure.zcml

lib/lp/bugs/doc/bugtracker.txt

lib/lp/bugs/interfaces/bugtracker.py

lib/lp/bugs/model/bugtracker.py

lib/lp/bugs/scripts/checkwatches/core.py

lib/lp/bugs/tests/test_bugtracker.py

lib/lp/code/model/sourcepackagerecipebuild.py

lib/lp/soyuz/browser/tests/distroseriesqueue-views.txt

lib/lp/soyuz/doc/soyuz-set-of-uploads.txt

lib/lp/testing/factory.py

lib/lp/testing/sampledata.py

Show diffs side-by-side

added added

removed removed

lib/lp/archiveuploader/uploadpolicy.py

__all__ = [

"AbstractUploadPolicy",

"ArchiveUploadType",

"BuildDaemonUploadPolicy",

"findPolicyByName",

"IArchiveUploadPolicy",

"UploadPolicyError",

]

from textwrap import dedent

from zope.component import (

getGlobalSiteManager,

getUtility,

from lp.registry.interfaces.pocket import PackagePublishingPocket

from lp.registry.interfaces.series import SeriesStatus

from lazr.enum import EnumeratedType, Item

# Defined here so that uploadpolicy.py doesn't depend on lp.code.

SOURCE_PACKAGE_RECIPE_UPLOAD_POLICY_NAME = 'recipe'

# Number of seconds in an hour (used later)

"""

class ArchiveUploadType(EnumeratedType):

SOURCE_ONLY = Item("Source only")

BINARY_ONLY = Item("Binary only")

MIXED_ONLY = Item("Mixed only")

class AbstractUploadPolicy:

"""Encapsulate the policy of an upload to a launchpad archive.

"""

implements(IArchiveUploadPolicy)

name = 'abstract'

options = None

name = 'abstract'

accepted_type = None # Must be defined in subclasses.

def __init__(self):

"""Prepare a policy..."""

self.unsigned_changes_ok = False

self.unsigned_dsc_ok = False

self.create_people = True

self.can_upload_source = True

self.can_upload_binaries = True

self.can_upload_mixed = True

# future_time_grace is in seconds. 28800 is 8 hours

self.future_time_grace = 8 * HOURS

# The earliest year we accept in a deb's file's mtime

self.earliest_year = 1984

def validateUploadType(self, upload):

"""Check that the type of the given upload is accepted by this policy.

100

When the type (e.g. sourceful, binaryful or mixed) is not accepted,

101

the upload is rejected.

102

"""

103

if upload.sourceful and upload.binaryful:

104

if self.accepted_type != ArchiveUploadType.MIXED_ONLY:

105

upload.reject(

106

"Source/binary (i.e. mixed) uploads are not allowed.")

107

108

elif upload.sourceful:

109

if self.accepted_type != ArchiveUploadType.SOURCE_ONLY:

110

upload.reject(

111

"Sourceful uploads are not accepted by this policy.")

112

113

elif upload.binaryful:

114

if self.accepted_type != ArchiveUploadType.BINARY_ONLY:

115

message = dedent("""

116

Upload rejected because it contains binary packages.

117

Ensure you are using `debuild -S`, or an equivalent

118

command, to generate only the source package before

119

re-uploading.""")

120

121

if upload.is_ppa:

122

message += dedent("""

123

See https://help.launchpad.net/Packaging/PPA for

124

more information.""")

125

upload.reject(message)

126

127

else:

128

raise AssertionError(

129

"Upload is not sourceful, binaryful or mixed.")

130

131

def getUploader(self, changes):

132

"""Get the person who is doing the uploading."""

133

return changes.signer

171

216

"""The insecure upload policy is used by the poppy interface."""

172

217

173

218

name = 'insecure'

174

175

def __init__(self):

176

AbstractUploadPolicy.__init__(self)

177

self.can_upload_binaries = False

178

self.can_upload_mixed = False

219

accepted_type = ArchiveUploadType.SOURCE_ONLY

179

220

180

221

def rejectPPAUploads(self, upload):

181

222

"""Insecure policy allows PPA upload."""

283

324

"""The build daemon upload policy is invoked by the slave scanner."""

284

325

285

326

name = 'buildd'

327

accepted_type = ArchiveUploadType.BINARY_ONLY

286

328

287

329

def __init__(self):

288

330

super(BuildDaemonUploadPolicy, self).__init__()

289

331

# We permit unsigned uploads because we trust our build daemons

290

332

self.unsigned_changes_ok = True

291

333

self.unsigned_dsc_ok = True

292

self.can_upload_source = False

293

self.can_upload_mixed = False

294

334

295

335

def setOptions(self, options):

296

336

AbstractUploadPolicy.setOptions(self, options)

314

354

"""This policy is invoked when processing sync uploads."""

315

355

316

356

name = 'sync'

357

accepted_type = ArchiveUploadType.SOURCE_ONLY

317

358

318

359

def __init__(self):

319

360

AbstractUploadPolicy.__init__(self)

320

361

# We don't require changes or dsc to be signed for syncs

321

362

self.unsigned_changes_ok = True

322

363

self.unsigned_dsc_ok = True

323

# We don't want binaries in a sync

324

self.can_upload_mixed = False

325

self.can_upload_binaries = False

326

364

327

365

def policySpecificChecks(self, upload):

328

366

"""Perform sync specific checks."""

331

369

pass

332

370

333

371

334

class SecurityUploadPolicy(AbstractUploadPolicy):

335

"""The security-upload policy.

336

337

It allows unsigned changes and binary uploads.

338

"""

339

340

name = 'security'

341

342

def __init__(self):

343

AbstractUploadPolicy.__init__(self)

344

self.unsigned_dsc_ok = True

345

self.unsigned_changes_ok = True

346

self.can_upload_mixed = True

347

self.can_upload_binaries = True

348

349

def policySpecificChecks(self, upload):

350

"""Deny uploads to any pocket other than the security pocket."""

351

if self.pocket != PackagePublishingPocket.SECURITY:

352

upload.reject(

353

"Not permitted to do security upload to non SECURITY pocket")

354

355

356

372

def findPolicyByName(policy_name):

357

373

"""Return a new policy instance for the given policy name."""

358

374

return getUtility(IArchiveUploadPolicy, policy_name)()

362

378

policies = [

363

379

BuildDaemonUploadPolicy,

364

380

InsecureUploadPolicy,

365

SyncUploadPolicy,

366

SecurityUploadPolicy]

381

SyncUploadPolicy]

367

382

sm = getGlobalSiteManager()

368

383

for policy in policies:

369

384

sm.registerUtility(

Older »